- What's New
- Function Overview
-
Service Overview
- EVS Infographics
- What Is EVS?
- Disk Types and Performance
- Device Types and Usage Instructions
- Shared EVS Disks and Usage Instructions
- EVS Encryption
- EVS Backup
- EVS Snapshot (OBT)
- Differences Between EVS Backups and EVS Snapshots
- EVS Three-Copy Redundancy
- Billing
- Permissions
- Constraints
- EVS and Other Services
- Basic Concepts
- Change History
- Getting Started
-
User Guide
- Permissions Management
- Purchasing and Using an EVS Disk
- Attaching an Existing EVS Disk
- Viewing EVS Disk Details
- Changing the EVS Disk Type (OBT)
- Expanding EVS Disk Capacity
- Detaching and Deleting an EVS Disk
- Managing EVS Snapshots (OBT)
- Managing Encrypted EVS Disks
- Managing Shared EVS Disks
- Managing EVS Disk Backups
- Managing EVS Transfers
- Managing EVS Tags
- Managing EVS Quotas
- Cloud Eye Monitoring
- Recording EVS Operations Using CTS
-
Best Practices
- Using LVM to Manage EVS Disks
- Handling Insufficient Disk Space on a Windows ECS
- RAID Array Creation with EVS Disks
-
Extending Disk Partitions and File Systems (Linux Kernel Earlier Than 3.6.0)
- Preparing for Extending Disk Partitions and File Systems (Linux Kernel Earlier Than 3.6.0)
- Extending System Disk Partitions and File Systems (Linux Kernel Earlier Than 3.6.0)
- Extending Data Disk Partitions and File Systems (Linux Kernel Earlier Than 3.6.0)
- Extending SCSI Data Disk Partitions and File Systems (Linux Kernel Earlier Than 3.6.0)
-
API Reference
- Before You Start
- API Overview
- Calling APIs
- Getting Started
- API Version Query
- API v2
-
OpenStack Cinder API v2
-
EVS Disk
- Creating EVS Disks
- Deleting an EVS Disk
- Updating an EVS Disk
- Querying EVS Disks
- Querying Details About All Disks
- Querying Details About a Disk
- Querying EVS Disk Types
- Querying Details About an EVS Disk Type
- Querying Details of Tenant Quotas
- Adding the Metadata for an EVS Disk
- Querying Metadata of an EVS Disk
- Updating the Metadata of an EVS Disk
- Querying One Piece of Metadata for an EVS Disk
- Updating One Piece of Metadata for an EVS Disk
- Deleting One Piece of Metadata for an EVS Disk
- Querying Extension APIs
- Querying All AZs
-
EVS Disk Actions
- Expanding Capacity of an EVS Disk
- Setting Bootable Flag for an EVS Disk
- Setting Read-Only Flag for an EVS Disk
- Exporting EVS Disk Data as an Image
- Attaching an EVS Disk (Deprecated)
- Detaching an EVS Disk (Deprecated)
- Reserving an EVS Disk (Deprecated)
- Canceling Reservation of an EVS Disk (Deprecated)
-
EVS Snapshot
- Creating an EVS Snapshot
- Deleting an EVS Snapshot
- Updating an EVS Snapshot
- Querying EVS Snapshots
- Querying Details About EVS Snapshots
- Querying Details About an EVS Snapshot
- Adding Metadata of an EVS Snapshot
- Querying Metadata of an EVS Snapshot
- Updating One Piece of Metadata for an EVS Snapshot
- Updating the Metadata of an EVS Snapshot
- Querying One Piece of Metadata for an EVS Snapshot
- Deleting One Piece of Metadata for an EVS Snapshot
- EVS Disk Transfer
-
EVS Disk
- Out-of-Date APIs
- Permissions Policies and Supported Actions
- Appendix
- Change History
- SDK Reference
-
FAQs
- Summary
-
General
- How Do I Start Using a Newly Purchased Disk?
- Can EVS Disks Be Used Directly for Storage?
- Can EVS Disks Be Used Alone?
- How Can I View My Disk Details?
- How Do I Change the Name of My Disk?
- Can I Change the AZ of My Disk?
- Can I Change the Disk Type, Device Type, or Sharing Attribute of My Disk?
- What Should I Do If an Error Occurs on My EVS Disk?
- How Can I Obtain ECS NIC Information?
- Why Do Some of My EVS Disks Not Have WWN Information?
- How Can I Migrate Data from an EVS Disk?
- What Are the Differences Between System Disks and Data Disks?
- Will I Lose My Disk Data If I Reinstall ECS OS, Change the OS, or Change the ECS Specifications?
- How Can I Export the Original Data After I Changed My Server OS from Windows to CentOS?
- What Are the Differences Between MBR and GPT Partition Styles?
- What Does the "reserveVolume" Trace Mean in CTS?
- How Can I Download My EVS Disk Data to a Local PC?
- How Can I Upload Files to My EVS Disk?
- Billing
-
Attachment
- Why Can't I View the Attached Data Disk on the Server?
- Why Can't I Attach My Disk to a Server?
- Can I Attach a Disk to Multiple Servers?
- Can I Attach a Disk to a Server in a Different AZ?
- How Can I Add a Data Disk to an Existing Server?
- Can I Attach Different Types of Disks to the Same Server?
- Can I Switch Between System Disks and Data Disks?
- What Should I Do If a Linux EVS Disk Is Attached to a Windows Server?
- Can I Change the Function of a System Disk or Data Disk Purchased Along with a Server?
- How Do I Obtain My Disk Device Name in the ECS OS Using the Device Identifier Provided on the Console?
-
Capacity Expansion
- Can I Reduce or Temporarily Expand the Disk Capacity?
- What Are the Differences Between Expanding Capacity by Expanding an EVS Disk and Creating a New EVS Disk?
- Will My Disk Data Be Lost After I Expand the Disk Capacity?
- Can I Use Backups or Snapshots Created Before Capacity Expansion to Restore Data on Expanded Disks?
- Do I Need to Restart the Server After Expanding the Disk Capacity?
- Do I Need to Detach an EVS Disk Before Expanding Its Capacity?
- What Should I Do If My Disk Capacity Exceeds 2 TiB After Expansion?
- How Can I Allocate Newly Added Space to a New Partition?
- How Can I Allocate Newly Added Space to an Existing Partition?
- Why Did My Disk Capacity Remain Unchanged on the Server After Capacity Expansion?
- Why Can't I Expand Capacity for My Disk?
- How Do I Extend the File System of an Unpartitioned Data Disk in Linux?
- How Do I Extend the Root Partition of a Quickly Provisioned BMS?
- How Do I View the Disk Partition Style in Linux?
- Detachment
- Deletion
-
Capacity
- What Is the Maximum Capacity Supported for the System and Data Disks?
- What Should I Do If My Disk Starts to Run Out of Space?
- How Do I Clean Up My Disk Space on a Windows Server?
- What Can I Do If the Capacity of My Disk Reaches the Maximum But I Still Need More Space?
- What Should I Do If I Use fdisk to Initialize a Disk Larger Than 2 TiB and Then the Space in Excess of 2 TiB Cannot Be Displayed?
- How Can I View My Disk Usage?
- How Can I Monitor My Disk Usages?
- Can I Transfer the Data Disk Capacity to a System Disk?
- Why the Space of My New Disk Is Full After I Uploaded Only 500 MB of Files to the Disk?
-
Snapshot
- What Are the Typical Causes of a Snapshot Creation Failure?
- Does EVS Support Automatic Snapshot Creation?
- Can I Create Snapshots for Multiple Disks at a Time?
- How Is a Snapshot Created for My Disk?
- Why Can't I Roll Back My Disk Data from a Snapshot?
- Can I Roll Back Data from a Snapshot After Reinstalling the OS or Formatting the Disk?
- How Is the Snapshot Size Calculated?
- Do Snapshots Take Space on the Disk?
- Can I Perform Multiple Rollback Operations for a Snapshot?
- Can I Replicate Snapshots to Other Regions or Accounts?
- Why Can't I Find My Snapshot?
- Can I Use a Snapshot to Create a Disk and Roll Back Disk Data at Almost the Same Time?
- Can I Modify Data in My EVS Snapshot?
-
Performance
- How Do I Test My Disk Performance?
- Why Does My Disk Performance Test Using Fio Have Incorrect Results?
- How Can I Handle a Slowdown in Disk Read/Write Speed or Increased I/Os?
- How Can I Improve My Disk Performance?
- Why My Disk's Read IOPS Can't Reach the Theoretical Maximum IOPS When the Disk I/O Usage Is Almost 100%?
- Sharing
- Backup
Show all
Introduction
This chapter describes fine-grained permissions management for your EVS resources. If your Huawei Cloud account does not need individual IAM users, you can skip this chapter.
By default, new IAM users do not have permissions assigned. You need to add a user to one or more groups, and attach permissions policies or roles to these groups. Users inherit permissions from the groups to which they are added and can perform specified operations on cloud services based on the permissions.
You can grant users permissions by using roles and policies. Roles are a type of coarse-grained authorization mechanism that defines permissions related to user responsibilities. Policies define API-based permissions for operations on specific resources under certain conditions, allowing for more fine-grained, secure access control of cloud resources.
Policy-based authorization is useful if you want to allow or deny the access to an API.
An account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions. The permissions required for calling an API are determined by the actions supported by the API. Only users who have been granted permissions allowing the actions can call the API successfully. For example, if an IAM user queries EVS disks using an API, the user must have been granted permissions that allow the evs:volumes:list action.
Supported Actions
EVS provides system-defined policies that can be directly used in IAM. You can also create custom policies and use them to supplement system-defined policies, implementing more refined access control. Operations supported by policies are specific to APIs. The following are common concepts related to policies:
- Permission: A statement in a policy that allows or denies certain operations.
- API: REST APIs that can be called by a user who has been granted specific permissions.
- Action: Specific operations that are allowed or denied.
- Dependent actions: When assigning an action to users, you also need to assign dependent permissions for that action to take effect.
- IAM projects or enterprise projects: Type of projects in which policies can be used to grant permissions. A policy can be applied to IAM projects, enterprise projects, or both. Policies that contain actions for both IAM and enterprise projects can be used and take effect for both IAM and Enterprise Management. Policies that only contain actions for IAM projects can be used and only take effect for IAM. For details about the differences between IAM and enterprise projects, see
EVS supports the following actions that can be defined in custom policies:
- API version query actions (API Version Query), including actions supported by EVS version query APIs, such as the APIs for querying API versions.
- Disk actions (Disk), including actions supported by EVS disk APIs, such as the APIs for creating a disk, querying disks, deleting a disk, and updating a disk.
- Actions of disk actions (Disk Action), including actions supported by EVS disk actions, such as the APIs for expanding the capacity of a disk, exporting a disk as an image, and setting read-only flag for a disk.
- Snapshot actions (Snapshot), including actions supported by EVS snapshot APIs, such as the APIs for creating a snapshot, querying snapshots, updating a snapshot, and deleting a snapshot.
- Tag actions (Tag), including actions supported by EVS tag APIs, such as the APIs for deleting tags by key, batch adding tags, batch deleting tags, and querying tags.
- Disk transfer actions (Disk Transfer), including actions supported by EVS disk transfer APIs, such as the APIs for creating a disk transfer, querying disk transfers, accepting a disk transfer, and deleting a disk transfer.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.